Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- -- user.rb
- def password=(pwd)
- @password = pwd
- return if pwd.blank?
- create_new_salt
- self.hashed_password = User.encrypted_password(self.password, self.salt)
- end
- private
- def self.encrypted_password(password, salt)
- string_to_hash = password + "somerandomvalue" + salt
- Digest::SHA1.hexdigest(string_to_hash)
- end
- def create_new_salt
- self.salt = self.object_id.to_s + rand.to_s
- end
- -- account_controller.rb
- def change_password
- @user = User.find_by_id(@login_id.id)
- if request.post?
- @user.password = params[:user_password]
- @user.update
- end
- end
- When I access the console, I can generate a new password and save by doing this;
- @user = User.find_by_id(5)
- @user.password = 'newpassword'
- @user.update
- However, it does nothing in my controller. How can I make the new password change?
- -- Rest of controller
- class AccountController < ApplicationController
- before_filter :authorize, :except => [ :login, :signup, :confirmation ]
- def index
- end
- def login
- session[:user_id] = nil
- if request.post?
- user = User.authenticate(params[:name], params[:password])
- if user
- session[:user_id] = user.id
- uri = session[:original_uri]
- session[:original_uri] = nil
- redirect_to(uri || { :controller => 'main' })
- else
- flash.now[:notice] = "Invalid user/password combination"
- end
- end
- end
- def add_user
- check_admin
- @user = User.new(params[:user])
- if request.post? and @user.save
- flash.now[:notice] = "User #{@user.name} created"
- @user = User.new
- end
- end
- def change_password
- @user = User.find_by_id(@login_id.id)
- if request.post?
- @user.password = params[:user_password]
- @user.update
- end
- end
- def confirmation
- end
- def delete_user
- check_admin
- if request.post?
- user = User.find(params[:id])
- begin
- user.destroy
- flash[:notice] = "User #{user.name} deleted"
- rescue Exception => e
- flash[:notice] = e.message
- end
- end
- redirect_to :action => 'list_users'
- end
- def list_users
- check_admin
- @all_users = User.find(:all)
- end
- def logout
- session[:user_id] = nil
- flash[:notice] = "Logged out"
- redirect_to(:controller => 'main')
- end
- def signup
- @user = User.new(params[:user])
- if request.post? and @user.save_with_captcha
- user = User.find_by_name(@user.name)
- Account.deliver_signup_thanks(user)
- @user = User.new
- redirect_to :action => 'confirmation'
- end
- end
- end
Add Comment
Please, Sign In to add comment